DATA TRANSPARENCY OVERVIEW

Project Automod
Effective Date: March 7, 2026
Document Version: 1.0.0

Purpose of This Document

This document provides a structured overview of all data collected, processed, and stored by Project Automod. It distinguishes between Operational Data (main database) and Integrity Data (master ledger).

All information is based on actual code implementation as of the effective date.

Database Architecture

Two-Tier System

┌─────────────────────────────────────┐
│   OPERATIONAL DATABASE (Main DB)   │
│   database/                         │
│   - Active data                     │
│   - Read/write operations           │
│   - Structured JSON files           │
│   - Soft delete capable             │
└─────────────────────────────────────┘
                 ↓
         (Every write logged to)
                 ↓
┌─────────────────────────────────────┐
│   INTEGRITY LEDGER (Master DB)     │
│   database/projectautomod/master/  │
│   - Append-only                     │
│   - Immutable                       │
│   - Checksummed entries             │
│   - Never physically deleted        │
└─────────────────────────────────────┘

Operational Database

Purpose: Day-to-day bot operations
Structure: Hierarchical folders with JSON files
Access: Direct file I/O
Modifications: Read, write, update, soft delete
Retention: Data persists until deleted

Master Integrity Ledger

Purpose: Audit trail and data integrity verification
Structure: Append-only log entries
Access: Write-only for most operations
Modifications: Append new entries only; erasure marks entries as erased but does not remove them
Retention: Permanent (entries never physically deleted)

Entry Format:

{
  "id": "1709812345678-a1b2c3d4e5f6g7h8",
  "type": "guild",
  "entityId": "1234567890",
  "action": "update",
  "data": { /* snapshot of changes */ },
  "timestamp": 1709812345678,
  "checksum": "sha256_hash",
  "metadata": {
    "erased": false,
    "reason": null,
    "erasedAt": null,
    "erasedBy": null
  }
}

Operational Data (Main DB)

Guild-Level Data

Location: database/guilds/{guild_id}/

data.json - Guild Identity & History

• Purpose: Track guild lifecycle and changes
• Contains:
  • Guild ID, name, owner ID
  • Bot join timestamp, who invited bot
  • Setup completion timestamp, who completed setup
  • Current state: owner, name, member count, icon, banner, features, tier, verification level
  • History: Array of change events (last 100 kept)
  • Metadata: Setup status, enabled status, inviter, timestamps, migration data

Change Event Structure:

{
  "timestamp": 1709812345678,
  "changes": {
    "guildName": { "old": "Old Name", "new": "New Name" },
    "ownerId": { "old": "123", "new": "456" }
  }
}

config.json - Guild Configuration

• Purpose: Store guild-specific settings
• Contains:
  • Bot prefix, language, timezone
  • Automod: enabled, banned words, action settings, thresholds
  • Verification: enabled, channel, role, mode
  • Logging: enabled, channel, event types
  • Anti-raid: enabled, mode, thresholds
  • Anti-nuke: enabled, whitelist, protections
  • Member gate: enabled, mode, requirements

metadata.json - Guild Statistics

• Purpose: Track guild activity metrics
• Contains:
  • Offense count
  • Verification failures
  • Audit events
  • Commands executed
  • Messages scanned
  • Members joined/left
  • Bans/kicks/warns issued
  • Premium status (active, tier, expires, features)
  • Activity: last active, last command, last event, active users
  • Health: error count, last error, ratelimit hits

premium.json - Premium Status

• Purpose: Track premium activation
• Contains:
  • Status (active/inactive)
  • Tier
  • Features array
  • Card ID used
  • Activated/expires timestamps
  • Auto-renew setting
  • Usage: AI requests, tokens used, storage used
  • History of premium events

Subdirectories

audit_logs/ - Daily Audit Logs

• Files: {type}_{YYYY-MM-DD}.json
• Contains: Up to 1000 log entries per file (older entries trimmed)
• Entry Fields: type, event, data, timestamp, ID

anti_raid/ - Anti-Raid Configuration

• Files: config.json
• Contains: Guild-specific anti-raid settings

msgautomod/ - Message Automod

• Files: config.json, offense logs
• Contains: Guild word lists, offense records

applications/ - Application System

• Files: Application templates and configs

application_submissions/ - User Submissions

• Files: Individual submission files by case ID
• Contains: User responses, timestamps, status

xp/ - XP System

• Files: guild_xp.json
• Contains: Per-user XP totals and levels

msgoffenses/ - Message Offense Records

• Files: offenses.json
• Contains: Detailed offense logs with message content

User-Level Data

Location: database/users/{user_id}/

profile.json - User Profile

• Purpose: User preferences and settings
• Contains:
  • User ID, username, discriminator
  • Settings: language, timezone, notifications, privacy
  • Preferences: embed colors, custom commands
  • Stats: commands used, messages scanned, XP total, level

metadata.json - Cross-Guild Tracking

• Purpose: Track user behavior across guilds
• Contains:
  • Flags: developer, staff, premium, blacklisted, global banned
  • Statistics: total offenses, warnings, bans, kicks, reports
  • Cross-guild data:
    • Offenses by guild
    • Bans by guild
    • Trust score (0-100, can go negative)
  • Activity: last seen, last guild, last action

premium.json - User Premium Status

• Purpose: Track premium cards owned
• Contains:
  • Status, tier
  • Cards array (all cards owned)
  • Active card ID
  • Guilds activated
  • Usage: AI requests, tokens used, guild slots
  • Billing: auto-renew, payment method, dates
  • History of premium events

Subdirectories

offenses/ - Per-Guild Offense Records

• Files: {guild_id}.json
• Contains: Array of offense objects
  • Timestamp, guild ID, category, severity
  • Detected words, message content
  • Moderator ID (if manual)

xp/ - Per-Guild XP Data

• Files: {guild_id}.json
• Contains: XP total, level, last update

Project-Level Data

Location: database/project/

config.json - Project Configuration

• Purpose: Global bot settings
• Contains:
  • System: name, environment, maintenance mode, debug mode
  • Features: AI enabled, premium enabled, global bans enabled, analytics enabled
  • Limits: max guilds, max users per guild, rate limits, AI request limits
  • Thresholds: warnings for ratelimits, errors, memory

metadata.json - Global Statistics

• Purpose: Bot-wide metrics
• Contains:
  • Statistics: total guilds, users, commands, messages, bans, offenses, uptime
  • Performance: avg response time, error rate, ratelimit hits, memory/CPU usage
  • Health: status, last check, issues array

premium-metrics.json - Premium Analytics

• Purpose: Premium system tracking
• Contains:
  • Totals: active cards, active guilds, active users, revenue
  • Usage: total AI requests, total tokens, total cost, breakdown by tier
  • Cards: issued, active, expired, revoked
  • Analytics: conversion rate, retention rate, churn rate

staff.json - Staff List

• Purpose: Internal permissions
• Contains:
  • Developer IDs array
  • Staff IDs array
  • Moderator IDs array
  • Permissions object

health.json - System Health

• Purpose: Monitor bot status
• Contains:
  • Status (healthy/degraded/down)
  • Uptime seconds
  • Start time, last restart time
  • Checks: database, discord, AI, filesystem (each with status and last check)
  • Errors array
  • Warnings array

Subdirectories

audit_logs/ - Project-Wide Audit Logs

• Files: Daily logs by type
• Contains: Bot-level events (not guild-specific)

eatherai/ - AI System Data

• Files:
  • memory.json - User memory contexts
  • history.json - Conversation histories
  • usage_ledger.json - AI usage tracking

EatherAI Data Fields:

• User ID
• Memory: short-term context, preferences, session metadata
• History: Recent conversations (last 6 exchanges kept per user)
• Ledger: User ID, timestamp, model, prompt tokens, completion tokens, total tokens, cost, premium status, query types used
• Rate limits: Timestamps of recent requests per user
• Daily tokens: Global token budget tracking

global_ban/ - Global Ban System

• Files:
  • incidents.json - All global ban incidents
  • bans.json - Active global bans
  • guild_bans.json - Guild-level bans
  • appeals.json - Ban appeals

Global Ban Data Fields:

• Incidents: case ID, accused user, reporting guild/user, category, summary, evidence, review status, grace period, escalation
• Bans: user ID, case IDs, ban date, categories, enforcement date, trust impact, appeal status
• Guild bans: guild ID, category, ban date, description, evidence
• Appeals: case ID, user ID, appeal text, timestamp, status, reviewer notes

anti_raid/ - Global Raid Tracking

• Files:
  • raid_events.json - Historical raid events
  • guild_configs.json - Global guild anti-raid configs
  • active_raids.json - Currently active raids

msgautomod/ - Global Word Packs

• Files:
  • global_categories.json - Global word category packs
  • banned_words.json - Legacy banned words

cards/ - Premium Card System

• Files:
  • cards.json - All issued premium cards
  • usage.json - Card usage tracking
  • grace.json - Grace period tracking
  • privacy.json - Privacy level per user
  • config.json - Card system config

Card Data Fields:

• Card ID, type (tier), mode (premium/gifted/dev)
• Issued to user ID, issued by user ID, issue timestamp
• Activated guild ID, activation timestamp, expiration timestamp
• Status, last used timestamp
• Usage: activations count, guilds activated, total time used
• Grace: enabled, activated timestamp, expires timestamp, reminder sent

surveys/ - Survey System

• Files:
  • {survey_id}.json - Survey definitions
  • responses/ - Survey responses
  • results/ - Compiled results
  • distributions/distribution_logs.json - Distribution tracking

Survey Data Fields:

• Survey ID, title, description, questions array
• Questions: ID, text, type, required, options (for choice questions)
• Responses: Survey ID, user ID, timestamp, answers object
• Individual responses are linked to user accounts (not anonymous)

vault/ - Vault System

• Files:
  • mappings.json - Vault entrance mappings
  • status.json - Vault status tracking
  • channels.json - Vault channel data

membergate/ - Member Gate System

• Files:
  • queue.json - Pending evaluations
  • analytics.json - Gate decision analytics

Other Project Data:

• guild_modes.json - Mode settings per guild
• dna_blueprint.json - Bot feature usage tracking
• status_messages.json - Status message IDs
• antinuke_intro.json - Anti-nuke intro states
• joinleave_presets.json - Join/leave panel configs
• history/command_history.json - Command execution history
• scam_media_global.json - Global scam media hashes
• scam_media_local.json - Guild-local media hashes
• media_escalations.json - Media escalation tracking

Integrity Data (Master Ledger)

Location: database/projectautomod/master/

Log Entry Types

Entity Types:

• guild - Guild-related changes
• user - User-related changes
• transaction - Premium transactions
• audit - Audit events
• audit_log - Specific audit log entries

Actions:

• create - New entity created
• update - Entity modified
• delete - Entity soft-deleted
• erase - Entity marked as erased
• snapshot - Periodic data snapshot
• config - Configuration change
• premium_update - Premium status change
• offense_added - Offense recorded
• data_update - Data.json updated

Subdirectories

guilds/ - Guild ledger entries
users/ - User ledger entries
logs/ - Audit log entries
snapshots/ - Periodic snapshots

Buffer System

Performance Optimization:

• Entries buffered in memory (100 max)
• Flushed every 30 seconds or when buffer full
• Reduces filesystem write load

Integrity Verification

Each entry includes SHA256 checksum of:

• Entity type
• Entity ID
• Action
• Data payload
• Timestamp

Checksums can be verified to detect tampering.

Erasure Handling

When data is erased:

• Entry marked with erased: true flag
• Reason, timestamp, and eraser user ID logged
• Data payload remains for audit purposes
• Checksum remains valid

No physical deletion occurs.

Cross-Server Data (Lense)

Implementation Status

Code mentions Lense cross-server trust analysis, but core implementation is incomplete.

Found in code:

• Lense command stubs
• Member gate mentions of Lense analysis
• Trust score calculation mentions
• Pro Trust application system

Not found in implementation:

• Lense data collection logic
• Cross-server pattern analysis
• Lense API or service endpoints
• Lense-specific database tables

Conclusion: Lense is planned but not fully operational as of effective date.

What We Do Not Collect

Discord Data We Do Not Store

• Message content of messages that do not trigger automod
• Voice chat audio
• Video call streams
• DMs between users (only DMs sent to the bot are logged)
• Private channel content where bot is not present
• Audit log entries Discord maintains (we log separately based on events we observe)

Personal Information We Do Not Collect

• Real names
• Email addresses
• Phone numbers
• Physical addresses
• Payment information (premium cards are issued, not purchased)
• IP addresses
• Browser fingerprints
• Cookies (no web dashboard operational)
• Device information

Third-Party Integrations We Do Not Have

• GitHub integration
• Google Drive integration
• Social media integrations
• Payment processors (no monetization)
• Analytics services (e.g., Google Analytics)
• Advertising networks

Data We Do Not Share

• We do not sell data to third parties
• We do not share data with advertisers
• We do not provide data to analytics services
• We do not share data with other bots (except global ban collaborations)

Exception: OpenAI receives AI prompts and responses as part of EatherAI operation (see AI Usage Disclosure).

Data Flow Diagram

┌─────────────────┐
│  User Action    │ (Message, command, interaction)
└────────┬────────┘
         │
         ↓
┌─────────────────┐
│  Bot Event      │ (Message create, interaction create, etc.)
└────────┬────────┘
         │
         ↓
┌─────────────────┐
│  Processing     │ (Automod scan, command execution, AI query)
└────────┬────────┘
         │
         ↓
┌─────────────────────────────────┐
│  Data Write Operation           │
│  - Write to operational DB      │
│  - Log to master ledger (async) │
└─────────────────────────────────┘
         │
         ↓
┌─────────────────┐
│  Data Stored    │
│  - JSON files   │
│  - Checksummed  │
└─────────────────┘

Data Minimization

Principles

Project Automod collects data necessary for:

• Moderation functionality
• Configuration persistence
• Audit Trail
• AI operation
• Premium system management
• Global ban protection

What Could Be Minimized Further

Offense Records:

• Message content snapshots are stored
• Could be hashed or truncated instead

Survey Responses:

• Individual responses linked to user IDs
• Could be anonymized after submission

AI Interaction Logs:

• Full prompt and response stored indefinitely
• Could be truncated or redacted after time

These are areas for future improvement but are not currently implemented.

Data Access

Who Has Access

Bot Process:

• Full read/write access to operational database
• Append access to master ledger

Developers:

• Filesystem access to database directory
• Manual read access for troubleshooting
• Manual write access for data corrections

Staff:

• Limited access via bot commands
• Can view global ban incidents
• Can review applications and surveys

Users:

• Access own data via commands (e.g., /premium cards)
• No direct filesystem access
• Can request data export via support

Data Retention Summary

Implementation Notes

What Is Not Implemented:

1. OAuth Dashboard:

   • No web dashboard authentication
   • No session management
   • No cookie handling
   • Dashboard files exist but are not operational

2. Lense Cross-Server System:

   • Mentioned in code
   • Partially stubbed
   • Core logic incomplete

3. Automated Data Deletion:

   • No scheduled erasure
   • No automated anonymization
   • Manual staff intervention required

4. Encryption at Rest:

   • Operational database files are plain JSON
   • Only vault system uses encryption
   • Master ledger is not encrypted

5. Backup System:

   • No automated backups found
   • Manual filesystem backup required

Document Generated: March 7, 2026
Based on Code Review: Complete codebase scan as of effective date
Schema Version: 1.0.0